Merge pull request #2903

8d4469a0 ringct: do not include bulletproof commitments in signed message (moneromooo-monero)
This commit is contained in:
Riccardo Spagni 2017-12-09 19:05:55 +02:00
commit 2b5abb8269
No known key found for this signature in database
GPG Key ID: 55432DF31CCD4FCD

View File

@ -347,11 +347,11 @@ namespace rct {
keyV kv; keyV kv;
if (rv.type == RCTTypeSimpleBulletproof || rv.type == RCTTypeFullBulletproof) if (rv.type == RCTTypeSimpleBulletproof || rv.type == RCTTypeFullBulletproof)
{ {
kv.reserve((6*2+10) * rv.p.bulletproofs.size()); kv.reserve((6*2+9) * rv.p.bulletproofs.size());
for (const auto &p: rv.p.bulletproofs) for (const auto &p: rv.p.bulletproofs)
{ {
for (size_t n = 0; n < p.V.size(); ++n) // V are not hashed as they're expanded from outPk.mask
kv.push_back(p.V[n]); // (and thus hashed as part of rctSigBase above)
kv.push_back(p.A); kv.push_back(p.A);
kv.push_back(p.S); kv.push_back(p.S);
kv.push_back(p.T1); kv.push_back(p.T1);